Yearly Archives: 2023

Advisories

USN-6339-4: Linux kernel (Intel IoTG) vulnerabilities

Read Time:1 Minute, 38 Second

It was discovered that the NTFS file system implementation in the Linux
kernel did not properly validate MFT flags in certain situations. An
attacker could use this to construct a malicious NTFS image that, when
mounted and operated on, could cause a denial of service (system crash).
(CVE-2022-48425)

Zi Fan Tan discovered that the binder IPC implementation in the Linux
kernel contained a use-after-free vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-21255)

It was discovered that a race condition existed in the f2fs file system in
the Linux kernel, leading to a null pointer dereference vulnerability. An
attacker could use this to construct a malicious f2fs image that, when
mounted and operated on, could cause a denial of service (system crash).
(CVE-2023-2898)

It was discovered that the DVB Core driver in the Linux kernel did not
properly handle locking events in certain situations. A local attacker
could use this to cause a denial of service (kernel deadlock).
(CVE-2023-31084)

Yang Lan discovered that the GFS2 file system implementation in the Linux
kernel could attempt to dereference a null pointer in some situations. An
attacker could use this to construct a malicious GFS2 image that, when
mounted and operated on, could cause a denial of service (system crash).
(CVE-2023-3212)

It was discovered that the KSMBD implementation in the Linux kernel did not
properly validate buffer sizes in certain operations, leading to an out-of-
bounds read vulnerability. A remote attacker could use this to cause a
denial of service (system crash) or possibly expose sensitive information.
(CVE-2023-38426, CVE-2023-38428)

It was discovered that the KSMBD implementation in the Linux kernel did not
properly calculate the size of certain buffers. A remote attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-38429)

Read More

Advisories

USN-6377-1: LibRaw vulnerability

Read Time:13 Second

It was discovered that LibRaw incorrectly handled certain photo files. If a
user o automated system were tricked into processing a specially crafted
photo file, a remote attacker could possibly cause applications linked
against LibRaw to crash, resulting in a denial of service.

Read More

News

Using Hacked LastPass Keys to Steal Cryptocurrency

Read Time:34 Second

Remember last November, when hackers broke into the network for LastPass—a password database—and stole password vaults with both encrypted and plaintext data for over 25 million users?

Well, they’re now using that data break into crypto wallets and drain them: $35 million and counting, all going into a single wallet.

That’s a really profitable hack. (It’s also bad opsec. The hackers need to move and launder all that money quickly.)

Look, I know that online password databases are more convenient. But they’re also risky. This is why my Password Safe is local only. (I know this sounds like a commercial, but Password Safe is not a commercial product.)

Read More

Advisories

SEC Consult SA-20230918-0 :: Authenticated Remote Code Execution and Missing Authentication in Atos Unify OpenScape

Read Time:15 Second

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Sep 18

SEC Consult Vulnerability Lab Security Advisory < 20230918-0 >
=======================================================================
title: Authenticated Remote Code Execution and
Missing Authentication
product: Atos Unify OpenScape Session Border Controller
Atos Unify OpenScape Branch
Atos Unify OpenScape BCF
vulnerable version: OpenScape SBC…

Read More

Advisories

SEC Consult SA-20230829-0 :: Reflected Cross-Site Scripting (XSS) in PTC – Codebeamer (ALM Solution)

Read Time:20 Second

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Sep 18

SEC Consult Vulnerability Lab Security Advisory < 20230829-0 >
=======================================================================
title: Reflected Cross-Site Scripting (XSS)
product: PTC – Codebeamer (ALM Solution)
vulnerable version: <=22.10-SP7, <=22.04-SP5, <=21.09-SP13
fixed version: >=22.10-SP8, >=22.04-SP6, >=21.09-SP14
CVE number: CVE-2023-4296…

Read More

Advisories

APPLE-SA-2023-09-11-3 macOS Big Sur 11.7.10

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on Sep 18

APPLE-SA-2023-09-11-3 macOS Big Sur 11.7.10

macOS Big Sur 11.7.10 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT213915.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

ImageIO
Available for: macOS Big Sur
Impact: Processing a maliciously crafted image may lead to arbitrary
code…

Read More